package com.qianfeng.rencai.security.config;

import com.qianfeng.rencai.security.filter.CaptchaFilter;
import com.qianfeng.rencai.security.handler.MyFailHandler;
import com.qianfeng.rencai.security.handler.MySuccessHandler;
import com.qianfeng.rencai.security.service.MyUserSetailService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.stereotype.Component;

/**
 * Created by wenka on 2022/3/30 16:04
 *
 * @author wenkaixin
 * @version 1.0
 * @since 1.0
 */
@Component
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, jsr250Enabled = true, proxyTargetClass = true)

public class MySecurityConfig extends WebSecurityConfigurerAdapter {
    private MySuccessHandler mySuccessHandler;
    private MyFailHandler myFailHandler;
    private BCryptPasswordEncoder bCryptPasswordEncoder;
    private MyUserSetailService MyUserSetailService;
    private CaptchaFilter captchaFilter;

    @Autowired
    public void setCaptchaFilter(CaptchaFilter captchaFilter) {
        this.captchaFilter = captchaFilter;
    }

    @Autowired
    public void setMyFailHandler(MyFailHandler myFailHandler) {
        this.myFailHandler = myFailHandler;
    }

    @Autowired
    public void setMySuccessHandler(MySuccessHandler mySuccessHandler) {
        this.mySuccessHandler = mySuccessHandler;
    }

    @Autowired
    public void setMyUserSetailService(com.qianfeng.rencai.security.service.MyUserSetailService myUserSetailService) {
        MyUserSetailService = myUserSetailService;
    }

    @Autowired
    public void setbCryptPasswordEncoder(BCryptPasswordEncoder bCryptPasswordEncoder) {
        this.bCryptPasswordEncoder = bCryptPasswordEncoder;
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(MyUserSetailService)
                //密码需要转换
                .passwordEncoder(bCryptPasswordEncoder);

    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/static/**","/captcha");

    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.addFilterBefore(captchaFilter, UsernamePasswordAuthenticationFilter.class);
        //告诉security 我们页面传递过滤的数据中哪个是用户名,哪个是密码
        http.csrf().disable();
        http.authorizeRequests()//认证请求
                .and().formLogin()//spring-security给我们提供了一个默认的登录页面,默认地址就是/login, 我们可以改
                .loginPage("/static/login.html")//自定义登录页面
                .loginProcessingUrl("/login")//自定义我们的登录处理地址,注意这个地址不需要我们写controller,我们只需要写路径就行, security会自动帮我们处理这个地址,所以这个地址不要和项目的地址重复
                // .usernameParameter("uName")//自定义用户名的参数,默认是username,如果是用的默认页面,可以忽略,写了也白写
                // .passwordParameter("pwd")//自定义密码的参数名
                .successHandler(mySuccessHandler)//自定义成功之后怎么办?//我们有两个事情要做, 第一个成功之后返回什么? 第二个登录成功之后查询用户的权限
                .failureHandler(myFailHandler)//登录失败之后怎么做
                .permitAll()//放行.登录地址是不需要拦截,所谓的放行是先到security然后发现不需要拦截,就放行
                .and().logout().
                logoutUrl("/logout")
                .permitAll()//自定义退出的地址,这个地址也不需要你写,security会自动退出并清理登录数据
                .and().authorizeRequests().anyRequest()//任意地址,除了上面单独配置的其他地址
                .authenticated();//必须登录才可以访问,是否需要登录取决于业务
//        http.addFilterBefore(captchaFilter, UsernamePasswordAuthenticationFilter.class);
//        http.csrf().disable();//关闭请求跨站伪造功能
//        http.authorizeRequests()//认证请求
////                .antMatchers("/captcha").permitAll()
//                //表单登录配置
//                .and().formLogin()
//                .loginPage("/static/login.html")
//                .loginProcessingUrl("/login")
////                .usernameParameter("uu")
////                .passwordParameter("pp")
//                .successHandler(mySuccessHandler)
//                .failureHandler(myFailHandler)
//                .permitAll()
//
//                //登出配置
//                .and().logout()
//                .logoutUrl("/logout")
//                .permitAll()
////                .logoutSuccessHandler(myLogoutSuccessHandler)
//                //任意请求配置
//                .and().authorizeRequests()
//                .anyRequest()
//                .authenticated();
    }
}
